Event ID - 1098

Port No1098
Service NameHvl RAT
RFC Doc0
ProtocolTCP
Description This backdoor malwae, written in Visual Basic 5, is similar to a Remote Access Tool (RAT) that uses a server program to infect a target computer and uses a client program to execute malicious functions on the infected system. It uses a default port 1099 for its client-server connections. The user of the client program may modify the port number. It compromises network security.
Reference LinkHvl RAT Trojan
AttackInformation :
This backdoor malware enables the user of the client program to execute any or all of the following on the computer infected with the server program:

1.Stream the audio component
2.Show commands
3.Get IP status
4.Bounce connection
5.Shutdown Windows
6.Get Network Information
7.Get Password
8.Upload a File

This backdoor can also gain AOL connection. Once connected in AOL messenger, it executes any or all of the following:

1.Have a screen name
2.Send an Instant Message
3.Join a chat room
4.Spy in a chat room
5.Send an email to an AOL recipient
6.Show/Hide the AOL console
7.Turn IM on/off

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.